Encryption and Digital Signature Settings
148
Encryption and Digital Signature Settings
8
Configuration of Encryption using IPsec
This section describes how to encrypt communications using IPsec.
Step1 Import and Configuration of a Certificate
The following describes configuration procedures to set up a certificate with CentreWare
Internet Services.
When [IKE Authentication Method] is set to [Digital Signature], configure a certificate on
the machine. No certificate is registered on the machine by factory default.
To configure a certificate using CentreWare Internet Services, configure the encryption
settings for HTTP communications, and then import a certificate issued by another CA to
use it for the IPsec certificate.
You cannot use a self-signed certificate created with CentreWare Internet Services for IPsec.
The machine supports to import RSA
®
public key (up to 4096 bits).
If a certificate to be imported as an IPSec certificate contains V3 extension "KeyUsage", "digitalSignature" bit
must be asserted.
For details on how to configure the encryption settings for HTTP communication, refer to "Configuration of HTTP Communications
Encryption" (P.146).
1 Import a certificate.
For details, see "Security Certificates" (P.128).
You cannot import a certificate that has been already registered in [Device Certificates] or [Other
Certificates]. Delete the registered certificate before importing.
If the certificate to be imported contains the V3 extension "keyUsage", "digitalSignature" must be asserted.
2 Select the certificate in the [Security Certificates] screen.
3 In the [Certificate Details] screen, make sure that [Category] is set to [Device Certificate],
and [Certificate Use] is set to [IPsec].
Step2 Configuration on the Computer
Configure the following settings on the computer.
Create an IP security policy
Assign the IP security policy
For details on the settings, refer to the help of the computer.
To Next Page
Loading...
Need help?
General
